TEL. & FAX +66(0)2-020-3301

EDR-G903 Series

Home  >   MOXA  >   Industrial Network Infrastructure  >  
Secure Routers  >   Secure Routers

Industrial secure routers with firewall/NAT/VPN

Product Feature

  • Firewall/NAT/VPN/Router all-in-one
  • Secure remote access tunnel with VPN
  • Stateful firewall protects critical assets
  • Inspect industrial protocols with PacketGuard technology
  • Easy network setup with Network Address Translation (NAT)
  • Dual WAN redundant interfaces through public networks
  • Support for VLANs in different interfaces
  • -40 to 75°C operating temperature range (-T model)
  • Security features based on IEC 62443/NERC CIP

Introduction

The EDR-G903 is a high-performance, industrial VPN server with a firewall/NAT all-in-one secure router. It is designed for Ethernet-based security applications on critical remote control or monitoring networks, and it provides an Electronic Security Perimeter for the protection of critical cyber assets such as pumping stations, DCS, PLC systems on oil rigs, and water treatment systems. The EDR-G903 Series includes the following cybersecurity features:

  • Virtual Private Network (VPN): VPNs are designed to provide users with secure communication links when accessing a private network from the public Internet. They use IPsec (IP Security) server or client mode for encryption and authentication of all IP packets at the network layer to ensure confidentiality and sender authentication.
  • Firewall: Controls network traffic between different trust zones. Network Address Translation (NAT), which shields the internal LAN from unauthorized activity from outside hosts.

The EDR-G903’s Quick Automation Profile function supports most common fieldbus protocols, including EtherCAT, EtherNet/IP, FOUNDATION Fieldbus, Modbus TCP, and PROFINET. Users can easily create a secure Ethernet Fieldbus network from a user-friendly web UI with a single click. In addition, Moxa’s PacketGuard technology (Deep Packet Inspection) helps to filter Modbus TCP commands at OSI layer 7. The wide-temperature range models that are available operate reliably in hazardous, -40 to 75°C environments.

Input/Output Interface

Alarm Contact Channels1 relay output with current carrying capacity of 1 A @ 24 VDC
ButtonsReset button
Digital Input Channels+13 to +30 V for state 1
-30 to +3 V for state 0
Max. input current: 8 mA
Relay Channels1

Ethernet Interface

Combo Ports (10/100/1000BaseT(X) or 100/1000BaseSFP+)3
StandardsIEEE 802.1Q for VLAN Tagging
IEEE 802.3 for 10BaseT
IEEE 802.3ab for 1000BaseT(X)
IEEE 802.3u for 100BaseT(X) and 100BaseFX
IEEE 802.3x for flow control
IEEE 802.3z for 1000BaseSX/LX/LHX/ZX
WAN Ports, RJ45/Fiber Combo Port1
DMZ Ports, RJ45/Fiber Combo Port1
LAN Ports, RJ45/Fiber Combo Port1

Ethernet Software Features

ManagementBack Pressure Flow Control, DDNS, DHCP Server/Client, HTTP, LLDP, 
QoS/CoS/ToS, SMTP, SNMPv1/v2c/v3, Telnet, TFTP
RoutingThroughput: 40,000 packets per second (max. 500 Mbps)
Routing RedundancyVRRP
SecurityHTTPS/SSL, SSH, IPsec, OpenVPN (client and server), UDP and TCP 
Tunnel mode (routing) and TAP mode (bridge), L2TP (server), RADIUS
Time ManagementNTP Server/Client, SNTP
Unicast RoutingOSPF, RIPV1/V2, Static Route

Switch Properties

Max. No. of VLANs15

DoS and DDoS Protection

TechnologyARP-Flood, FIN Scan, ICMP-Death, NEWWithout-SYN Scan, NMAP-ID 
Scan, NMAP-Xmas Scan, Null Scan, SYN/FIN Scan, SYN/RST Scan, SYN-
Flood, Xmas Scan

Firewall

Deep Packet InspectionModbus TCP
Modbus UDP
FilterDDoS, Ethernet protocols, ICMP, IP address, MAC address, Ports
Quick Automation ProfilesDNP, EtherCAT, EtherNet/IP, FOUNDATION Fieldbus, FTP, HTTP, 
IEC 60870-104, IPsec, L2TP, LonWorks, Modbus TCP, PPTP, 
PROFINET, RADIUS, SSH, Telnet
Stateful InspectionRouter firewall
Transparent (bridge) firewall
ThroughputMax. 40000 packets per second (max. 500 Mbps)

IPsec VPN

AuthenticationMD5 and SHA (SHA-256)
RSA (key size: 1024-bit, 2048-bit)
X.509 v3 certificate
Concurrent VPN TunnelsMax. 100 IPsec VPN tunnels
Encryption3DES, AES-128, AES-192, AES-256, DES
ProtocolsIPsec, L2TP (server), PPTP (client)
ThroughputMax. 150 Mbps (Conditions: AES-256, SHA-256)

NAT

Features1-to-1, N-to-1, Port forwarding

OpenVPN

AuthenticationUser password by MD5 and SHA1
Concurrent VPN TunnelsClient Mode: max. 2 external servers
Server Mode: max. 5 external clients
EncryptionAES-128/192/256 CBC, Blowfish CBC, DES CBC, DES-EDE3 CBC
ProtocolsOpenVPN (client and server), UDP, and TCP, Tunnel mode (routing) and 
TAP mode (bridge), Tunnel mode (routing)

Real-Time Firewall / VPN Event Log

Event TypeFirewall event, System event, VPN event
MediaLocal storage, SNMP Trap, Syslog server

Serial Interface

Console PortWeb/Telnet/SSH/CLI, and RS-232 serial console

Power Parameters

ConnectionRemovable terminal block
Input Voltage12/24/48 VDC
Input Current0.45 A @ 24 VDC
Overload Current ProtectionSupported
Reverse Polarity ProtectionSupported

Environmental Limits

Operating TemperatureEDR-G903: 0 to 60°C (32 to 140°F)
EDR-G903-T: -40 to 75°C (-40 to 167°F)
Storage Temperature (package included)-40 to 85°C (-40 to 185°F)
Ambient Relative Humidity5 to 95% (non-condensing)

Standards and Certifications

FreefallIEC 60068-2-32
EMCEN 55032/24
EMICISPR 32, FCC Part 15B Class A
EMSIEC 61000-4-2 ESD: Contact: 6 kV; Air: 8 kV
IEC 61000-4-3 RS: 80 MHz to 1 GHz: 10 V/m
IEC 61000-4-4 EFT: Power: 4 kV; Signal: 4 kV
IEC 61000-4-5 Surge: Power: 2 kV; Signal: 1 kV
IEC 61000-4-6 CS: 10 V
IEC 61000-4-8 PFMF
SafetyUL 508
ShockIEC 60068-2-27
VibrationIEC 60068-2-6
Power SubstationIEC 61850-3

MTBF

Time903,311 hrs
StandardTelcordia (Bellcore), GB

Warranty

Warranty Period5 years
DetailsSee www.moxa.com/warranty
Name Type Version Release Date
Datasheet for EDR-G903 Series Datasheet V1.1 26 August 2019

EDR-G903

10/100/1000BaseT(X) RJ45 Connector, 100/1000Base SFP Slot Combo WAN Port 1
10/100/1000BaseT(X) RJ45 Connector, 100/1000Base SFP Slot Combo WAN/DMZ Port 1
Firewall/NAT/VPN
Operating Temp. 0 to 60°C

EDR-G903-T

10/100/1000BaseT(X) RJ45 Connector, 100/1000Base SFP Slot Combo WAN Port 1
10/100/1000BaseT(X) RJ45 Connector, 100/1000Base SFP Slot Combo WAN/DMZ Port 1
Firewall/NAT/VPN
Operating Temp. -40 to 75°C

Notice: Undefined variable: rs5 in /opt/lampp/htdocs/productview.php on line 633

Notice: Trying to get property 'tab_ap' of non-object in /opt/lampp/htdocs/productview.php on line 633


Notice: Undefined variable: title_ap in /opt/lampp/htdocs/productview.php on line 638


Notice: Undefined variable: detail_ap in /opt/lampp/htdocs/productview.php on line 639

บริษัท พีที ออโตเมชั่น (ไทยแลนด์) จำกัด

จันทร์ ถึง ศุกร์ เวลา 9.00 น. – 18.00 น.

EN
TH